Blog Home

SecurityTrails Blog

10 Backend Security Risks and Tips on How to Prevent Them.
SecurityTrails Blog · Mar 11 · by Esteban Borges

10 Backend Security Risks and Tips on How to Prevent Them

With modern web applications’ backends consisting of multiple servers, containers running different applications (often built from templates), and numerous software services being run, including web servers, databases, web proxies, and the like, you can see how vital it is to ensure every single part of the backend. Otherwise, your entire web application’s safety and security is at risk.

Trojans: Definition, Types and Protection.
SecurityTrails Blog · Mar 09 · by Sara Jelen

Trojans: Definition, Types and Protection

Some cybersecurity threats are so old-school that you don’t really hear that much about them—and they might even appear to slow down over the years. But since the beginning of the COVID-19 pandemic, threat actors and malware authors have been finding new ways to exploit the situation the world has found itself in. One of the most common tactics we’re seeing is the use of trojans.

Axiom: A Distributed Hacking Framework for Pentesters and Red Teamers.
SecurityTrails Blog · Mar 04 · by Gianni Perez

Axiom: A Distributed Hacking Framework for Pentesters and Red Teamers

With the arrival of the concept known as dynamic cloud a few years ago, leaders in the computing and security industries immediately seized the opportunity. Not only did this new paradigm offer flexibility and scalability, its dynamic nature also entailed a more diverse portfolio of applications and similar consumables, readily available and masterfully presented as a single, coherent platform. To security practitioners, and to penetration testers in specific, this newfound agility forever transformed the traditional in-house penetration-testing ecosystem into an entirely dynamic framework.

Building a Career in Incident Response With Cybersec Meg.
SecurityTrails Blog · Mar 02 · by Sara Jelen

Building a Career in Incident Response With Cybersec Meg

Cybersecurity is one of the fastest-growing industries, while cybersecurity professionals are some of the most valuable workers of any organization, regardless of the industry. There is some talk of a cybersecurity skills gap that claims a shortage of professionals, but is that true? Or is gatekeeping dictating unrealistic expectations for entry-level positions, making it harder for newcomers to break into the industry?

Recon Safari #4: Domains Riding the Robinhood Wave.
SecurityTrails Blog · Feb 23 · by SecurityTrails team

Recon Safari #4: Domains Riding the Robinhood Wave

During the past couple of weeks, the popular free financial trading app Robinhood made headlines for halting purchases of certain stocks. This has resulted in a lot of bad publicity for the company. And because threat actors enjoy exploiting trending news topics to their advantage, we decided to look at newly registered Robinhood domains to see how they’re being used.